CVE-2025-65955

ImageMagick’s Magick++ vulnerability CVE-2025-65955 manifests when Options::fontFamily is invoked with an empty string, causing a use-after-free/dangling font pointer in _drawInfo->font and potentially leading to crashes or heap corruption on cleanup or subsequent updates. The issue arises bec...

TencentOS Server 4: ghostscript (TSSA-2024:0902)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0902 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53103)

hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk-trans may not be initialized to NULL, which could lead to a dangling pointer. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

PT-2025-47377

Name of the Vulnerable Software and Affected Versions GNU GRUB Grand Unified Bootloader affected versions not specified Description A use-after-free issue exists in GNU GRUB Grand Unified Bootloader. The problem stems from an incorrect memory pointer retention during the file-closing process,...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50264)

vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans. During loopback communication, a dangling pointer can be created in vsk-trans, potentially leading to a Use-After-Free condition. This plugin only works with Tenable.ot. Please visit...

CVE-2011-10034

AUTOMGEN versions up to and including 8.0.0.7 also referenced as 8.022 contain a vulnerability in that project file handling frees an object and subsequently dereferences the stale pointer when processing certain malformed fields. The dangling-pointer use enables an attacker to influence an...

EUVD-2011-5270

AUTOMGEN versions up to and including 8.0.0.7 also referenced as 8.022 contain a vulnerability in that project file handling frees an object and subsequently dereferences the stale pointer when processing certain malformed fields. The dangling-pointer use enables an attacker to influence an...

Siemens SIMATIC S7-1500 Use After Free (CVE-2020-8231)

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990859)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990859 advisory. In the Linux kernel, the following vulnerability has been resolved: hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there ...

kernel: net: af_can: do not leave a dangling sk pointer in can_create()

In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

Use After Free

Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Use After Free via the PyObjectStealAttrString function. An attacker can execute arbitrary code or cause a crash by passing a dangling pointer to APIs such as PyLongAsLong o...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free via the PyObjectStealAttrString function. An attacker can execute arbitrary code or cause a crash by passing a dangling pointer to APIs such as PyLongAsLong or PyFloatAsDouble after the reference has been decremented. PoC...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990267)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990267 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate btsockalloc...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989332)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989332 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate btsockalloc...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990183)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990183 advisory. In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989626)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989626 advisory. In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocate...

JLSEC-2025-23 Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when se...

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data...

CVE-2022-50516

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr I experience issues when putting a lkbsb on the stack and have sblvbptr field to a dangled pointer while not using DLMLKFVALBLK. It will crash with the following kernel message, the...

CVE-2022-50516

The CVE-2022-50516 issue in the Linux kernel’s fs: dlm was fixed by a patch that ensures sb_lvbptr is not dereferenced when DLM_LKF_VALBLK is involved, avoiding a potential NULL/dangling pointer dereference in memcpy paths. The fix copies lvbptr arrays only when DLM_LKF_VALBLK is set (not merely ...